08-27-2019 07:29 AM
Hi All,
Is it possible to configure anyconnect SSL client Vpn using Private IP so that my internal users sitting in corporate network can connect to particular zone or server through Vpn tunnel.
Any help will be appreciated
08-27-2019 07:52 AM
08-27-2019 08:14 AM
Hi RJI,
Thanks for your reply.
My requirement is like, want my users in corporate network sitting behind core and distribution level switches should connect to devices in other zone example (DMZ, Server farm) via secure anyconnect SSL client base Vpn configure on ASA.
If possible can anyone please share any document or configuration guide base on my requirement.
08-27-2019 08:51 AM
Ok, here is an example of SSL-VPN on ASA.
I wouldn't say what you are wanting to do is very practical, but it is possible. If the users are behind the ASA anyway, you should be able to just permit access from INSIDE to DMZ, without the need to run a SSL-VPN connection.
HTH
08-28-2019 11:03 PM
Hi RJI,
Thanks for your reply and suggestion to achieve my goal via access policies. But due to some complaince and client requirement we need access our servers in Dmz or any other zones via SSL Client vpn.
08-31-2019 09:52 AM
If you enable the AnyConnect client connection on both the outside interface and inside interface. Then your users should be able to use AnyConnect client to establish a session. Then you just need to be sure that your policies for the Remote Access vpn allow access to DMZ etc.
HTH
Rick
09-01-2019 09:37 PM
09-01-2019 10:57 PM
You only need to enable webvpn (SSL VPN) on the interfaces where you want you clients to connect.
Tunnel only specified networks (your DMZ subnet(s)) in the group policy.
Either NAT the users' VPN addresses to the ASA interface address or else put routing in place so that the Fortigate knows the pool is reachable via the ASA interface.
Make sure the ASA interface (or VPN pool - according to which approach you took above) can reach the target DMZ host(s) and that the user's native addresses cannot - i.e. rules in your Fortigate
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide